The vulnerability of the nf_tables_newset function (net/netfilter/nf_tables_api.c) in Linux operating system kernels, which allows a hacker to cause a service failure

🗓️ 01 Feb 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

A memory initialization vulnerability in the Linux kernel netfilter nf_tables_newset can enable service disruption.

Reporter	Title	Published	Views	Family All 109
ATTACKERKB	CVE-2021-46283	11 Jan 202222:15	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
CBLMariner	CVE-2021-46283 affecting package kernel 5.10.189.1-1	1 Feb 202204:54	–	cbl_mariner
CNNVD	netfilter 安全漏洞	11 Jan 202200:00	–	cnnvd
CVE	CVE-2021-46283	11 Jan 202221:19	–	cve
Cvelist	CVE-2021-46283	11 Jan 202221:19	–	cvelist
Debian CVE	CVE-2021-46283	11 Jan 202221:19	–	debiancve
EUVD	EUVD-2021-32972	3 Oct 202520:07	–	euvd
Microsoft CVE	nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.	21 Jan 202208:00	–	mscve
NVD	CVE-2021-46283	11 Jan 202222:15	–	nvd

Source	Link
cdn	www.cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13
git	www.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
syzkaller	www.syzkaller.appspot.com/bug
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-46283
wiki	www.wiki.astralinux.ru/astra-linux-se17-bulletin-2022-0819SE17
wiki	www.wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
wiki	www.wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
web	www.web.nvd.nist.gov/view/vuln/detail

20 Oct 2022 00:00Current

6.6Medium risk

Vulners AI Score6.6

CVSS 24.6

CVSS 35.5

EPSS0.0004

linux kernel netfilter vulnerability memory initialization service disruption